Revershell Over Internet

i am running kali in a virtual machine both my router and the virtual machine are configured with NAT.when i am trying reverse shell over lan(from virtual machine to virtual machine). I am able to use the reverse shell. How to use reverse shell over wan with nat configured router and nat configured kali vm Basically you have to make sure to setup port forwarding (or full 1:1 NAT) on the WAN side. Make sure that your firewall allows connections inbound on the specified port. When you create the payload use the WAN IP address to connect back to. Also set your WAN address as the LHOST in your listener. The payload should connect back to your WAN IP, which should NAT it to your listener, which in turn should catch it and setup the shell. I found the following clear post, which illustrates the point. They check with port 80/443, but any port should be fine as long as you setup the forwarding. [Meterpreter and NAT](https://www.corelan.be/index.php/2014/01/04/metasploit-meterpreter-and-nat/) I think you can also place your attack machine on the DMZ, and control the open/closed ports from it, instead of your router firewall. First take your box off nat. Second use Wlan interface Third Portforward your ports you want facing the internet Fourth Create payload using the LHOST and LPORT proper IP and Port (Internet facing IP and Port) Fifth Launch goes the missle. PS no need for reverse shells that often if your connecting from your home machine using no VPN's or anything it will just be traced back to you lol. @ZeroGravity that would actually be a great class on this site (if it does not yet exist): How to avoid attribution. I was having the same problem. I will try @synack 's and @ZeroGravity 's advice For work we usually either set up a socks proxy over ssh to keep things secure though in a pinch i have set up a dynamic dns that points traffic to firewall setup with a SNAT and PAT to connect to a listening server. How about running Kali in AWS? Did you get it to work @msfid?